Permission Sets
Suger uses Salesforce Permission Sets to strictly control user access. These permission sets determine which Suger Tabs are visible to a user and which Action Buttons (e.g., Create Private Offer) appear on their record pages.
For configurations related to the external Suger Integration platform (such as API credentials or mapping rules), please refer to the Suger Integration Setup Guide.
Admin Privileges:
Suger Permission Sets do not restrict users with System Administrator privileges. Admins inherently possess full Read/Write access to all Suger features and Cloud Partners, regardless of the specific permission set assigned to them.
How to Access Permission Sets
To view or assign these permissions in your Salesforce environment:
-
Click the Gear Icon (⚙️) in the top-right corner of the screen and select Setup.
-
In the Quick Find box on the left sidebar, type
Permission Sets. -
Select Permission Sets from the results to view the list of available Suger permissions.
-
All Suger-related permission sets begin with the prefix
Suger. Assign the appropriate set based on the user's role in your sales cycle.
Suger provides granular Permission Sets to control access based on Role (Admin vs. User), Module (Marketplace vs. Co-sell), and Cloud Partner (AWS, Azure, GCP).
Use the tables below to assign the correct permissions to your users.
Core Roles & Admin Permissions
These permission sets provide high-level access control.
| Permission Set Name | Description & Capabilities |
|---|---|
| Suger Approver | Grants permission to Approve or Reject offers and referrals. The approval process can be enabled via Salesforce integration settings in the Suger Console. |
| Suger Integrator | Integration User Only. Grants full Read/Write access to all Suger objects, including the Settings page and configurations. Do not assign this to human users. |
| Suger Integrator (Salesforce Integration License) | API User Only. Grants full system access specifically for users holding the Salesforce Integration License. Do not assign this to standard human users. |
| Suger User | Standard User. Grants full Read/Write access to all Suger objects (Offers, Referrals, etc.) across all clouds. Excludes access to the Settings page. |
| Suger User - Read Only | Global View-Only. Grants view-only access to all Suger data. Users cannot create or edit records. |
| Suger User - Cosell | Grants Read/Write access specifically to Co-sell Referrals for all cloud partners. |
| Suger User - Marketplace | Grants Read/Write access to Offers, Entitlements, Products, Buyers, and Companies for all cloud partners (Excludes access to Co-sell Referrals). |
Co-Sell Cloud-Specific Permissions
Use these permissions to restrict a user's Referral access to a specific Cloud Provider.
These permissions also affect the user's visibility into CoSell Insights, such as Engagement Score, Possible Sales Reps, and related metrics.
These permissions do not grant access to Offers, Entitlements, Products, or Companies(Buyers).
| Permission Set Name | Description |
|---|---|
| Suger Cosell (Read Only) | View-only access to Co-sell Referrals for all cloud partners. |
| Suger Cosell - AWS | Read/Write access to Co-sell Referrals for AWS only. |
| Suger Cosell - AWS(Read Only) | View-only access to Co-sell Referrals for AWS only. |
| Suger Cosell - Azure | Read/Write access to Co-sell Referrals for Azure only. |
| Suger Cosell - Azure (Read Only) | View-only access to Co-sell Referrals for Azure only. |
| Suger Cosell - GCP | Read/Write access to Co-sell Referrals for GCP only. |
| Suger Cosell - GCP (Read Only) | View-only access to Co-sell Referrals for GCP only. |
Marketplace Cloud-Specific Permissions
Use these permissions to restrict a user's Offer & Entitlement access to a specific Cloud Provider. These permissions exclude access to Referrals.
Assigning any of the permission sets below automatically grants access to shared Marketplace objects, including Buyers, Companies, and Products. The "Cloud-Specific" restriction only applies to Offers and Entitlements.
| Permission Set Name | Description |
|---|---|
| Suger Marketplace (Read Only) | View-only access to Offers and Entitlements for all cloud partners. |
| Suger Marketplace - AWS | Read/Write access to AWS Offers and Entitlements. |
| Suger Marketplace - AWS (Read Only) | View-only access to AWS Offers and Entitlements. |
| Suger Marketplace - Azure | Read/Write access to Azure Offers and Entitlements. |
| Suger Marketplace - Azure (Read Only) | View-only access to Azure Offers and Entitlements. |
| Suger Marketplace - GCP | Read/Write access to GCP Offers and Entitlements. |
| Suger Marketplace - GCP (Read Only) | View-only access to GCP Offers and Entitlements. |
Custom Permissions
For detailed information about the custom permissions included in each permission set, see Custom Permissions.